Marketing Due Diligence: Avoiding the Pitfalls

April 25, 2005

Credit unions are responsible for actions of their third-party service providers—a fact highlighted by a recent case involving a California thrift.

Fidelity Federal Bank of Glendale, California, paid $1.6 million July 8 to settle allegations that it discriminated against Hispanic borrowers through its relationship with third-party service providers.

"Every borrower deserves to be treated with respect and dignity," said Assistant Attorney General for Civil Rights Ralph F. Boyd Jr. "No one should be harassed based on their national origin or discriminated against based on the source of their income."

Where did Fidelity go wrong?

• It discouraged people who received public assistance from applying for its subprime credit cards
• When people on public assistance did apply for the cards, the bank offered them less favorable terms than other applicants
• It harassed Hispanic customers
• It required all members of a household to sign an application for its credit cards
• It denied the credit cards to people who couldn't read or understand English

Your credit union never would do such a thing, right?

Neither did Fidelity. It hired third-party marketers to handle its credit card business—and was held responsible, even though the third-party marketers were the ones accused of violating the Equal Credit Opportunity Act.

A National Credit Union Administration Letter to Credit Unions written last November emphasized that credit unions have to undertake a "due diligence" review before they enter into a business relationship with a third party—and they also must continue to monitor performance after they've begun working with a third party.

"The NCUA letter makes it clear that credit unions not only are expected to undertake a due diligence review prior to entering into a business relationship with a third party but also must set up controls to monitor performance," says CUNA Senior Vice President Kathy Thompson.

Fidelity Federal Bank's settlement with the Justice Department underscores all financial institutions' responsibility for the third parties they hire. Not only can a poorly performing service provider expose a credit union to possible hefty fines, it can undermine the credit union's reputation with members and in the community.

What's a credit union to do? Here are the minimum procedures for getting started, from the NCUA letter:

• Determine whether the proposed activities are consistent with your overall business strategy and risk tolerances
• Contact clients of the third party to find out if they are satisfied with the prospective partner's performance.
• Make sure the rights and responsibilities of each party are clearly laid out in the contract with the third-party provider
• Review the service provider's financial statements
• Project the credit union's expected revenue, expenses, and net income on its investment, and consider how each of these factors may change under different economic conditions
• Thoroughly review your own insurance coverage, given the potential for increased liabilities accompanying third-party relationships

Once your credit union has entered into a third-party relationship, adopt these monitoring and reporting practices:

• Develop detailed policy guidance with responsibilities and reporting requirements
• Put a staff member in charge of monitoring the performance of the third party
• Submit reports to senior officials and directors about when targets are met or exceeded or when the third-party provider is not in compliance with the terms of the agreement

This story was first published by The Point for Credit Union Research and Advice. Reprinted with permission. Louise Wynn is a communications specialist with CUNA & Affiliates in Washington, D.C. Contact her at lwynn@cuna.coop or 202-508-6770.

Post this page to:

Comments